INSIDE STORY: Govt websites at the MERCY of hackers


The alarming rate at which crucial government websites are being hacked, mostly from Pakistan and China, has posed serious questions regarding our internal security, reports Vicky Nanjappa.

As many as 294 government websites have been hacked till date and 834 sites defaced, official figures point out.

While this is the case of the government websites, investigations by various cyber crime agencies from across the country have shown that nearly 10,000 emails of government officials too have been hacked in the past five years.

Interestingly, the government of India does have a list of all these hacked websites, the most crucial ones being the websites of the Defence Research Development Organisation, the Central Bureau of Investigation, Bharat Sanchar Nigam Limited, and very recently the network at the Eastern Naval Command at Vishakapatanam.

The other websites to be hacked include those of Madhya Pradesh, Rajasthan, Andhra Pradesh, Tamil Nadu, Maharashtra, Gujarat, Kerala, Odisha, Uttar Pradesh, Sikkim and Manipur governments.

The websites of the Planning Commission, ministry of finance, human resources development, health, and State Bank of India have also been hacked.

How much sensitive data has been lost?

While the government has acknowledged the fact that these sites were hacked, it was also quick to make amends and get these sites functional again almost immediately with additional security measures. The bigger question, however, was the extent of data loss due to the hacking.

Officials say that out of all the cases, the crucial aspect that needs to be looked at is cases of website defacing. These websites are open to the public and one does not need to 'hack' into them in order to gain information. Defacing is aimed at causing embarrassment to Indian agencies.

However, as per the investigations, the biggest loss caused as part of such activities was the defacing of the CBI, BSNL, DRDO and Eastern Naval Command websites.

The CBI website incident was a major embarrassment since the website remained non-functional for nearly a week. There is a lot of crucial information on the site which includes the list of the Interpol wanted persons. All these details had gone off the radar until the site was put back in place.

In the case of the BSNL incident, the biggest hit was to the pending applications that were submitted online. The BSNL took nearly five days to get their website working and thousands of applications remained in pending status until the issue was resolved.

The hackers had managed to access information of 10,000 users which included phone numbers, addresses and emails. The hackers also managed to get into the internal page which had details of the VPN and other circuits.

The 'internal' hand

The DRDO incident, however, was a bit more serious. There is a probe to see if some sensitive documents were stolen since the DRDO's internal system was hacked.

The incident at the Eastern Naval Command also appears to be similar to the DRDO case. In both, the hacker was trying to access some crucial information.

In the Vishakapatanam incident, the agencies had found a Chinese hand, in which they managed to bug the systems. These hackers had broken into the systems, planted bugs in them and got the information relayed to an IP address in their country.

However, there may have been an internal hand and the bug may have got into the system through a USB which one of the employees was carrying. Following this incident, there has been a thorough checking of the employees and no personal articles have been allowed into operational areas.

Officials point out that the bigger problem was the hacking of the 10,000 emails of government officials.

"We could say that some sensitive data shared via mails have been compromised. Although such information has not been used against India, these hackers don the role of a Trojan who sit on information and continuously monitor it. In case of these emails, those persons have been told to restructure the plan which they had sent on email, so that the information that was leaked out becomes invalid," an official linked to the probe said.

The other two major incidents were the hacking of the websites of the ministry of external affairs and home. These internal websites had crucial information about troop deployment.

The hackers also managed to access information regarding the force deployment of the Indo Tibetan Border Police. Officials in the ministry -- after a probe -- implemented an immediate change in strategy.

Cyber wars with neighbours

Indian agencies have found that a majority of the incidents have emerged out of Pakistan and China. While Pakistan has focused more on a cyber war leading up to defacement of Indian sites, the Chinese have gone a step ahead and tried to bug our defence systems.

From Pakistan comes the threat in the form of the Pakistan Cyber Army and also the H4tr Ck. Pakistan has been in a cyber war with India since 1998 and the first of the cyber armies set up by them was called the Milworm, which had defaced the website of the Bhabha Atomic Research Centre.

This was followed by the birth of several other hacker groups called the Pakistan G Force, the Pakistan Cyber Army and the Pakistan Hackers Club.

On the Chinese front, it has been found that a hacker was working with Tencent, which is an e-tailer. It has been alleged that the cyber war against India was set up by a hacker called Gu Kaiyuan who gets government funding. He set up a system to hit at both Indian and Tibetan websites and called the campaign 'Luckycat' through which 90 attacks -- both on India and Tibet -- have been carried out.


Image: A person works on his computer at a cyber café in China (image for representational purpose only). Photographs: Reuters

India on the defensive

Looking at the manner in which India has reacted to hacking incidents, it appears very defensive. On the cyber war front, Pakistan has hit us 110 times while we have hit them just 40 times in cyber defacing.

India realised that the first thing that needed to be done was amending the law. The Information Technology Act of 2000 was amended to provide better punishment for phishing and hacking.

The Indian Computer Emergency Response Team was set up to issue alerts against cyber threats. Every month the government also conducts six cyber security mock drills to find out the preparedness in handling such attacks. An IT system audit has to be carried out regularly.

More importantly the government has decided to spend Rs 46 crore every year to tackle this problem. This would mean that the agencies could hire ethical hackers and pay them well.

It was said that India needs at least 10,000 ethical hackers to keep the systems safe. The police have now been relying on ethical hackers on a part time basis to help them.

The government of India, on the other hand, has also issued guidelines. No sensitive information can be stored on the systems connected to the internet. A crisis management plan for protection against cyber attacks has also been formulated.

This has been done both at the state and the national level. All the government organisations have been told to implement information security management practices based on international standards.